﻿using Microsoft.Win32.SafeHandles;
using System;
using System.Runtime.InteropServices;
namespace UacHelper
{
    /// <summary>
	/// Represents a wrapper class for a token handle.
	/// </summary>
	internal class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
    {
        private SafeTokenHandle() : base(true)
        {
        }

        internal SafeTokenHandle(IntPtr handle) : base(true)
        {
            base.SetHandle(handle);
        }

        [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        internal static extern bool CloseHandle(IntPtr handle);

        protected override bool ReleaseHandle()
        {
            return SafeTokenHandle.CloseHandle(this.handle);
        }
    }

    /// <summary>
	/// The SECURITY_IMPERSONATION_LEVEL enumeration type contains values 
	/// that specify security impersonation levels. Security impersonation 
	/// levels govern the degree to which a server process can act on behalf 
	/// of a client process.
	/// </summary>
	internal enum SECURITY_IMPERSONATION_LEVEL
    {
        SecurityAnonymous,
        SecurityIdentification,
        SecurityImpersonation,
        SecurityDelegation
    }

    /// <summary>
	/// The structure represents a security identifier (SID) and its attributes.
	/// SIDs are used to uniquely identify users or groups.
	/// </summary>
	internal struct SID_AND_ATTRIBUTES
    {
        public IntPtr Sid;

        public uint Attributes;
    }

    /// <summary>
	/// The structure indicates whether a token has elevated privileges.
	/// </summary>
	internal struct TOKEN_ELEVATION
    {
        public int TokenIsElevated;
    }

    /// <summary>
	/// The TOKEN_ELEVATION_TYPE enumeration indicates the elevation type of 
	/// token being queried by the GetTokenInformation function or set by 
	/// the SetTokenInformation function.
	/// </summary>
	internal enum TOKEN_ELEVATION_TYPE
    {
        TokenElevationTypeDefault = 1,
        TokenElevationTypeFull,
        TokenElevationTypeLimited
    }

    /// <summary>
	/// The TOKEN_INFORMATION_CLASS enumeration type contains values that specify 
	/// the type of information being assigned to or retrieved from an access 
	/// token.
	/// </summary>
	internal enum TOKEN_INFORMATION_CLASS
    {
        TokenUser = 1,
        TokenGroups,
        TokenPrivileges,
        TokenOwner,
        TokenPrimaryGroup,
        TokenDefaultDacl,
        TokenSource,
        TokenType,
        TokenImpersonationLevel,
        TokenStatistics,
        TokenRestrictedSids,
        TokenSessionId,
        TokenGroupsAndPrivileges,
        TokenSessionReference,
        TokenSandBoxInert,
        TokenAuditPolicy,
        TokenOrigin,
        TokenElevationType,
        TokenLinkedToken,
        TokenElevation,
        TokenHasRestrictions,
        TokenAccessInformation,
        TokenVirtualizationAllowed,
        TokenVirtualizationEnabled,
        TokenIntegrityLevel,
        TokenUIAccess,
        TokenMandatoryPolicy,
        TokenLogonSid,
        MaxTokenInfoClass
    }

    /// <summary>
	/// The structure specifies the mandatory integrity level for a token.
	/// </summary>
	internal struct TOKEN_MANDATORY_LABEL
    {
        public SID_AND_ATTRIBUTES Label;
    }

    /// <summary>
	/// The WELL_KNOWN_SID_TYPE enumeration type is a list of commonly used 
	/// security identifiers (SIDs). Programs can pass these values to the 
	/// CreateWellKnownSid function to create a SID from this list.
	/// </summary>
	internal enum WELL_KNOWN_SID_TYPE
    {
        WinNullSid,
        WinWorldSid,
        WinLocalSid,
        WinCreatorOwnerSid,
        WinCreatorGroupSid,
        WinCreatorOwnerServerSid,
        WinCreatorGroupServerSid,
        WinNtAuthoritySid,
        WinDialupSid,
        WinNetworkSid,
        WinBatchSid,
        WinInteractiveSid,
        WinServiceSid,
        WinAnonymousSid,
        WinProxySid,
        WinEnterpriseControllersSid,
        WinSelfSid,
        WinAuthenticatedUserSid,
        WinRestrictedCodeSid,
        WinTerminalServerSid,
        WinRemoteLogonIdSid,
        WinLogonIdsSid,
        WinLocalSystemSid,
        WinLocalServiceSid,
        WinNetworkServiceSid,
        WinBuiltinDomainSid,
        WinBuiltinAdministratorsSid,
        WinBuiltinUsersSid,
        WinBuiltinGuestsSid,
        WinBuiltinPowerUsersSid,
        WinBuiltinAccountOperatorsSid,
        WinBuiltinSystemOperatorsSid,
        WinBuiltinPrintOperatorsSid,
        WinBuiltinBackupOperatorsSid,
        WinBuiltinReplicatorSid,
        WinBuiltinPreWindows2000CompatibleAccessSid,
        WinBuiltinRemoteDesktopUsersSid,
        WinBuiltinNetworkConfigurationOperatorsSid,
        WinAccountAdministratorSid,
        WinAccountGuestSid,
        WinAccountKrbtgtSid,
        WinAccountDomainAdminsSid,
        WinAccountDomainUsersSid,
        WinAccountDomainGuestsSid,
        WinAccountComputersSid,
        WinAccountControllersSid,
        WinAccountCertAdminsSid,
        WinAccountSchemaAdminsSid,
        WinAccountEnterpriseAdminsSid,
        WinAccountPolicyAdminsSid,
        WinAccountRasAndIasServersSid,
        WinNTLMAuthenticationSid,
        WinDigestAuthenticationSid,
        WinSChannelAuthenticationSid,
        WinThisOrganizationSid,
        WinOtherOrganizationSid,
        WinBuiltinIncomingForestTrustBuildersSid,
        WinBuiltinPerfMonitoringUsersSid,
        WinBuiltinPerfLoggingUsersSid,
        WinBuiltinAuthorizationAccessSid,
        WinBuiltinTerminalServerLicenseServersSid,
        WinBuiltinDCOMUsersSid,
        WinBuiltinIUsersSid,
        WinIUserSid,
        WinBuiltinCryptoOperatorsSid,
        WinUntrustedLabelSid,
        WinLowLabelSid,
        WinMediumLabelSid,
        WinHighLabelSid,
        WinSystemLabelSid,
        WinWriteRestrictedCodeSid,
        WinCreatorOwnerRightsSid,
        WinCacheablePrincipalsGroupSid,
        WinNonCacheablePrincipalsGroupSid,
        WinEnterpriseReadonlyControllersSid,
        WinAccountReadonlyControllersSid,
        WinBuiltinEventLogReadersGroup,
        WinNewEnterpriseReadonlyControllersSid,
        WinBuiltinCertSvcDComAccessGroup
    }
}
